Marcin Nawrocki, Maynard Koch, Thomas C. Schmidt, Matthias Wählisch,
Transparent Forwarders: An Unnoticed Component of the Open DNS Infrastructure,
In: Proc. of 17th International Conference on emerging Networking EXperiments and Technologies (CoNEXT)), p. 454–462, ACM : New York, December 2021.

Abstract: In this paper, we revisit the open DNS (ODNS) infrastructure and, for the first time, systematically measure and analyze transparent forwarders, DNS components that transparently relay between stub resolvers and recursive resolvers. Our key findings include four takeaways. First, transparent forwarders contribute 26% (563k) to the current ODNS infrastructure. Unfortunately, common periodic scanning campaigns such as Shadowserver do not capture transparent forwarders and thus underestimate the current threat potential of the ODNS. Second, we find an increased deployment of transparent forwarders in Asia and South America. In India alone, the ODNS consists of 80% transparent forwarders. Third, many transparent forwarders relay to a few selected public resolvers such as Google and Cloudflare, which confirms a consolidation trend of DNS stakeholders. Finally, we introduce DNSRoute++, a new traceceroute approach to understand the network infrastructure connecting transparent forwarders and resolvers.

Themes: Network Security , Internet Measurement and Analysis


This page generated by bibTOhtml on Mon 20 May 2024 12:05:06 AM UTC